Safe mode is no longer supported. Any application that rely on safe mode may need adjustements in term of security.

Salsa10 and Salsa20 hash algorithms have been removed.

In Date extension, setting the timezone with the TZ environment variable is no longer supported. The extension will no longer guess the default timezone if none is set, instead it will always fall back to “UTC”.

Non-numeric string offsets – e.g. $a[‘foo’] where $a is a string – now return false on isset() and true on empty(), and produce warning if trying to use them. Offsets of types double, bool and null produce notice. Numeric strings ($a[‘2’]) still work as before. Note that offsets like ‘12.3’ and ‘5 and a half’ are considered non-numeric and produce warning, but are converted to 12 and 5 respectively for BC reasons.

Turning null, false or empty string into an object by adding a property will now emit a warning instead of an E_STRICT error.

Converting array to string now will cause E_NOTICE warning.

Shadowing names of superglobals for parameter names now causes a fatal error.

array_combine() now returns array() instead of FALSE when two empty arrays are provided as parameters.

call_user_func_array() no longer allows call-time pass by reference.

htmlentities() now emits an E_STRICT warning when used with asian characters, as in that case htmlentities() has (and already had before this version) the same functionality as htmlspecialchars().

The following keyword(s) are now reserved and may not be used in function, class, etc. names.